Rule allowed but policy-deny?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Rule allowed but policy-deny?

L3 Networker
Hi, We have something strange in our firewall. We have a client/computer with Sonos software and the software need to update. When we click update in the software we get a message that something is wrong. So I checked our firewall and in the monitor I can see that the update needs to get pulled from akamai and it is denied. So I created a rule that the user have the permission to access this website. The update is still not working and I can see that in the monitor my allow rule is hitted but the session end reason is policy-deny. How to fix this?
1 accepted solution

Accepted Solutions

Hi Luke, I have found the solution. First of all add the following addresses: update.sonos.com update-firmware.sonos.com After that create an allow rule for the AD group with destination the two addresses. When this is finished create a no decrypt rule to these two destination addresses. Software and firmware update like a charm 🙂

View solution in original post

2 REPLIES 2

L5 Sessionator

Hi @ZEBIT,

 

Could you post a screenshot of both the traffic logs with policy deny, and the security policy rule you would like this traffic to hit please?

 

Thanks,

Luke.

Hi Luke, I have found the solution. First of all add the following addresses: update.sonos.com update-firmware.sonos.com After that create an allow rule for the AD group with destination the two addresses. When this is finished create a no decrypt rule to these two destination addresses. Software and firmware update like a charm 🙂
  • 1 accepted solution
  • 3949 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!